U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-43885

Change History

CVE Translated by kernel.org 10/28/2024 10:15:07 PM

Action Type Old Value New Value
Removed Translation
Title: kernel de Linux
Description: En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: corrige el doble desbloqueo de inodo para escrituras de sincronización de IO directa. Si realizamos una escritura de sincronización de IO directa, en btrfs_sync_file(), y necesitamos omitir el registro de inodo o obtendremos un error al iniciar una transacción o un error al vaciar delalloc, terminamos desbloqueando el inodo cuando no deberíamos bajo la etiqueta 'out_release_extents', y luego lo desbloqueamos nuevamente en btrfs_direct_write(). Solucione eso verificando si tenemos que omitir el desbloqueo de inodos debajo de esa etiqueta.

								
						

CVE Modified by kernel.org 10/28/2024 10:15:07 PM

Action Type Old Value New Value
Changed Description
In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix double inode unlock for direct IO sync writes

If we do a direct IO sync write, at btrfs_sync_file(), and we need to skip
inode logging or we get an error starting a transaction or an error when
flushing delalloc, we end up unlocking the inode when we shouldn't under
the 'out_release_extents' label, and then unlock it again at
btrfs_direct_write().

Fix that by checking if we have to skip inode unlocking under that label.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed CVSS V3.1
NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

								
						
Removed CWE
NIST CWE-667

								
						
Removed CPE Configuration
OR
     
          *cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*

								
						
Removed Reference
kernel.org https://git.kernel.org/stable/c/1a607d22dea4f60438747705495ec4d0af2ec451

								
						
Removed Reference
kernel.org https://git.kernel.org/stable/c/7ba27f14161fc20c4fc0051658a22ddd832eb0aa

								
						
Removed Reference
kernel.org https://git.kernel.org/stable/c/8bd4c9220416111500c275546c69c63d42185793

								
						
Removed Reference
kernel.org https://git.kernel.org/stable/c/d924a0be2f218501588cf463d70f1c71afea06d9

								
						
Removed Reference
kernel.org https://git.kernel.org/stable/c/e0391e92f9ab4fb3dbdeb139c967dcfa7ac4b115

								
						

CVE Rejected by kernel.org 10/28/2024 10:15:07 PM

Action Type Old Value New Value